protegendo seus desktops e servidores com o microsoft forefront client security visão geral e...
TRANSCRIPT
Protegendo seus desktops e servidores com o Microsoft Forefront Client Security
Visão Geral e Implementação Técnica - Parte 1
Ricardo Frois
Security Specialist
Microsoft Brasil
• FCS Overview
• FCS Prerequisites
• Prerequisite installation and configuration
Agenda
Level 200
• Familiarity with Microsoft Operations Manager
• Familiarity with Microsoft SQL Server
• Experience with network security
Helpful Experience
Guidance
Developer Tools
SystemsManagementActive Directory Active Directory
Federation Services Federation Services (ADFS)(ADFS)
Identity
Management
Content
Services
Client and Server OS
Server Applicatio
ns
Edge
Network Access Protection (NAP)
A Comprehensive Security Solution
•InternetInternet
•AA
•BB
•CC
•DD
•EE
•Exchange Server/ Exchange Server/ Windows-based Windows-based SMTP ServerSMTP Server
• Distributed protectionDistributed protection
• Performance tuningPerformance tuning
• Content filteringContent filtering
• Central managementCentral management
•Gartner Magic Quadrant forGartner Magic Quadrant for•E-Mail Security Boundary 2006 * E-Mail Security Boundary 2006 *
•* * Magic Quadrant for E-Mail Security Boundary, 2006. Peter Firstbrook, Arabella Hallawell Magic Quadrant for E-Mail Security Boundary, 2006. Peter Firstbrook, Arabella Hallawell Publication Date: 25 September 2006/ID Number: G00142431Publication Date: 25 September 2006/ID Number: G00142431
6
Remove most Remove most prevalent viruses prevalent viruses
Remove all Remove all known known
viruses viruses Real-time Real-time antivirusantivirus
Remove all Remove all known known
spywarespywareReal-time Real-time antispywareantispyware
Central reporting Central reporting and alertingand alerting
CustomizationCustomization
Forefront Forefront ClientClient
SecuritySecurityMSRT MSRT Windows Windows DefenderDefender
Windows Windows Live Safety Live Safety
Center Center
Windows Windows Live Live
OneCare OneCare
IT Infrastructure IT Infrastructure IntegrationIntegration
FOR INDIVIDUAL USERSFOR INDIVIDUAL USERS FOR FOR BUSINESSESBUSINESSES
7
Solução unificada contra virus e spyware Construido usando como base tecnologia usada por
milhões de usuários Resposta a ameaças eficaz Complementa as outras soluções de segurança Microsoft
Console única para administração de segurança Definição de uma única política para as configurações de
proteção de clientes Distribuição de assinaturas e software de forma mais
rápida Integração com a infra estrutura existente
Um único painel de controle para visualização de ameaças e vulnerabilidades
Visualização de relatórios mais importantes Permite que os administradores se mantenham informados
sobre o estado de scannings, alertas de segurança
Proteção unificada contra malware para desktops, laptops e servidores corporativos com gerenciamento e controle unificados
Greater confidence
Greater efficiency
Greater control
Proteção unificada contra malware para desktops, laptops e servidores corporativos com gerenciamento e controle unificados
• Reviewing FCS
• Installing Prerequisites
Agenda
Hardware Prerequisites
Domain Controller133 Mhz
128 MB RAM2GB available
disk space
FCS ServerMinimum750 Mhz
512 MB RAM80GB available
disk spaceDVD-ROM
FCS Client
500 Mhz256 MB RAM
350MB available disk space
Software Prerequisites
SQL Server 2005 + Reporting Services
Windows Software Update Services
Group Policy Management Console
.NET Framework 2.0
MMC 3.0
IIS 6.0Installed with FCS
Hotfixes for MOM and SQL
Microsoft Operations Manager 2005 SP1
Microsoft Operations Manager Reporting
Demo
Installing Software Prerequisites
Review Installed Prerequisites Review Reporting Services
Configuration Install .NET Framework 2.0
demonstration
Understanding Policies
Forefront Client Security Console
Administrator creates & deploys policy
Group Policy Management Console
Clients
Install and Configure IIS
Configure your Server Wizard
Add Application Server Role (IIS)
Enable FrontPage Server Extensions
Enable ASP.NET
Install SQL Server 2005
Install new or use existing SQL Server with Service Pack 1
Existing SQL Server cannot contain OnePoint or SystemCenterReporting databases
Install Database Engine and Reporting Services
Use Windows Authentication whenever possible on SQL Server 2005.
Install GPMC, .NET, and MMC
GPMC SP1• Required for management server role• Download from Microsoft
.NET Framework 2.0• Required for management server role• Usually already installed
MMC 3.0• Required for management server role• Included with Windows Server 2003 R2
Install WSUS
• Store updates locally
• Create a WSUS Web site during installation—FCS requires WSUS to use port 8530
• Configure automatic approval
• First synchronization can take several hours
18
Demo
• Using Forefront Client Security to Protect Client Computers
• Updating Signature Files
• Using Policies to Manage Client Computers
DDemonstration
• Supported Platforms
– Server• Windows 2003 Server/SP1• Windows 2003 Server/R2• Longhorn Server (at RTM)
– Client• Windows 2000/SP4 + Rollup
– Requires GDI+ QFE
• Windows XP/SP2– Requires Filter Manager QFE
• Windows Vista– Business SKUs only
21
One dashboard for visibility into threats and vulnerabilities
View insightful reports
Stay informed with state assessment scans and security alerts
22
Viewing ReportsReporting Details
Integração com MOM 2005
Uso SQL Reporting Services
Demonstra o status da segurança contra malware na
sua empresa
Especifica point-in-time e over time
Tipos de Relatorios
Malware Threat(s)Malware Threat(s)
Vulnerability SummaryVulnerability Summary
Scan ResultsScan Results
Historical InformationHistorical Information
Summary ReportSummary Report
Deployment Deployment
AlertsAlerts
ComputersComputers
23
Malware outbreakMalware outbreak
Malware protection disabledMalware protection disabled
Malware detectedMalware detected
Malware failed to removeMalware failed to remove
Respond to AlertsAlerting Functionality
Notificação e administração dos valores de incidentes
incluindo:
Controle do tipo de nivel de alertas & volume de alertas Controle do tipo de nivel de alertas & volume de alertas geradosgerados
11 55443322
OutbreakOutbreak Malware Malware removal removal
failedfailed
Signature Signature update update failedfailed
Malware Malware detected and detected and
removedremoved
Signature Signature update failed update failed
(per min)(per min)
Rich Data,Rich Data,High Value AssetsHigh Value Assets
Critical Issues Only,Critical Issues Only,Low Value Assets Low Value Assets
Security SummarySecurity SummarySecurity SummarySecurity Summary
•CurrentCurrent
•ClientClient
•ServerServer
•EdgeEdge
•Dec 2006Dec 2006 •20072007++
•TBDTBD
Security Product Roadmap
AntigenMessaging Security Suite
Microsoft®
• Public beta available now!
– Download at
http://www.microsoft.com/clientsecurity
– Community-based support at
http://www.microsoft.com/technet/clientsecurity
• Release To Manufacture planned for
Q2 CY2007
• Will be available through Microsoft’s
volume licensing programs
http://www.microsoft.com/isaserver/
2006
http://www.microsoft.com/clientsecurityhttp://www.microsoft.com/clientsecurity
http://www.microsoft.com/antigenhttp://www.microsoft.com/antigen
Put your organization through a security auditPut your organization through a security audit
Contact your Microsoft rep or reseller for information Contact your Microsoft rep or reseller for information and adviceand advice
http://www.microsoft.com/forefronthttp://www.microsoft.com/forefront
Download trial versions ofDownload trial versions of
Register for beta information aboutRegister for beta information about
Other Resources
Technical Chats and WebcastsTechnical Chats and Webcastshttp://www.microsoft.com/communities/chats/http://www.microsoft.com/communities/chats/default.mspx default.mspx
http://www.microsoft.com/usa/webcasts/http://www.microsoft.com/usa/webcasts/default.aspdefault.asp
Microsoft Learning and CertificationMicrosoft Learning and Certificationhttp://www.microsoft.com/learning/default.mspxhttp://www.microsoft.com/learning/default.mspx
MSDN & TechNet MSDN & TechNet http://microsoft.com/msdnhttp://microsoft.com/msdn
http://microsoft.com/technethttp://microsoft.com/technet
Virtual LabsVirtual Labshttp://www.microsoft.com/technet/traincert/http://www.microsoft.com/technet/traincert/virtuallab/rms.mspxvirtuallab/rms.mspx
© 2006 Microsoft Corporation. All rights reserved.
This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
•Magic Quadrant Disclaimer Magic Quadrant Disclaimer
This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from Microsoft. Go to: Gartner report is available upon request from Microsoft. Go to: www.microsoft.com/forefront www.microsoft.com/forefront
•The Magic Quadrant noted on slide 10 is copyrighted September 25, 2006, by The Magic Quadrant noted on slide 10 is copyrighted September 25, 2006, by Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts representation of a marketplace at and for a specific time period. It depicts Gartner's analysis of how certain vendors measure against criteria for that Gartner's analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the "Leaders" quadrant. The Magic Quadrant to select only those vendors placed in the "Leaders" quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular research, including any warranties of merchantability or fitness for a particular purpose. purpose.